This is an archive of the discontinued LLVM Phabricator instance.

[DFSan] Add `zeroext` attribute for callbacks with 8bit shadow variable arguments
ClosedPublic

Authored by tangyouling on Dec 27 2022, 3:47 AM.

Details

Summary

Add zeroext attribute for below callbacks' first parameter
(8bit shadow variable arguments) to conform to many platforms'
ABI calling convention and some compiler behavior.

  • __dfsan_load_callback
  • __dfsan_store_callback
  • __dfsan_cmp_callback
  • __dfsan_conditional_callback
  • __dfsan_conditional_callback_origin
  • __dfsan_reaches_function_callback
  • __dfsan_reaches_function_callback_origin

The type of these callbacks' first parameter is u8 (see the
definition of dfsan_label). First, many platforms' ABI
requires unsigned integer data types (except unsigned int)
are zero-extended when stored in general-purpose register.
Second, the problem is that compiler optimization may assume
the arguments are zero-extended and, if not, misbehave, e.g.
it uses an i8 argument to index into a jump table. If the
argument has non-zero high bits, the output executable may
crash at run-time. So we need to add the zeroext attribute
when declaring and calling them.

Diff Detail

Event Timeline

tangyouling created this revision.Dec 27 2022, 3:47 AM
Herald added a project: Restricted Project. · View Herald TranscriptDec 27 2022, 3:47 AM
tangyouling requested review of this revision.Dec 27 2022, 3:47 AM
Herald added a project: Restricted Project. · View Herald TranscriptDec 27 2022, 3:47 AM

add zeroext attribute patch with help from @SixWeining, thanks.

browneee added inline comments.Dec 27 2022, 10:17 AM
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
299–306

Move this into D140690

All the other ZExt fixes in this file are unrelated to this.

1053–1055

I think the 8bit shadow variable arguments should be zext on any platform (this applies to all the ZExt changes in this file).

1129–1134

Move this into D140690

All the other ZExt fixes in this file are unrelated to this.

1435

Please use a separate AttributeList for each call, like in initializeRuntimeFunctions().

llvm/test/Instrumentation/DataFlowSanitizer/callback-loongarch64.ll
1

Move file to D140690.

Address @browneee comments.

tangyouling retitled this revision from [llvm][dfsan] Enable loongarch64 and add `zeroext` attribute to [DFSan] Add `zeroext` attribute for callbacks with 8bit.Dec 27 2022, 6:58 PM
tangyouling edited the summary of this revision. (Show Details)
SixWeining retitled this revision from [DFSan] Add `zeroext` attribute for callbacks with 8bit to [DFSan] Add `zeroext` attribute for callbacks with 8bit shadow variable arguments.Dec 27 2022, 6:59 PM

Add some missing tests.

browneee accepted this revision as: browneee.Dec 28 2022, 12:55 AM
This revision is now accepted and ready to land.Dec 28 2022, 12:55 AM
MaskRay accepted this revision.EditedDec 28 2022, 1:07 PM

Similar to D76624 (SystemZ for msan).

MaskRay added a comment.EditedDec 28 2022, 1:15 PM

Some platforms' ABI including LoongArch and RISCV requires unsigned integer data types (except unsigned int) are zero-extended when stored in general-purpose register. So we need to add the zeroext attribute when declaring and calling them.

This is not precise. First, most architectures zero-extend unsigned integer data types... So you change "some" to "many" and drop LoongArch/RISCV.
Second, the problem is that compiler optimization may assume the arguments are zero-extended and, if not, misbehave, e.g. it uses an i8 argument to index into a jump table. If the argument has non-zero high bits, the output executable may crash at run-time.

tangyouling edited the summary of this revision. (Show Details)Dec 28 2022, 5:57 PM